RHSA-2026:27353HighCVSS 7.8
Red Hat Security Advisory: kernel security, bug fix, and enhancement update
🔗 CVE IDs covered (8)
📋 Description
CVE-2026-31419 — kernel: Linux kernel: Use-after-free in bonding driver leads to denial of service CVE-2026-31488 — kernel: drm/amd/display: Do not skip unrelated mode changes in DSC validation CVE-2026-43056 — kernel: net: mana: fix use-after-free in add_adev() error path CVE-2026-43279 — kernel: ALSA: usb-audio: Add sanity check for OOB writes at silencing CVE-2026-46090 — kernel: ALSA: aloop: Fix peer runtime UAF during format-change stop CVE-2026-46135 — kernel: nvmet-tcp: fix race between ICReq handling and queue teardown CVE-2026-46145 — kernel: RDMA/mana: Validate rx_hash_key_len CVE-2026-46331 — kernel: net/sched: act_pedit: extend the writable skb range per key
🔗 References (11)
- selfhttps://access.redhat.com/errata/RHSA-2026:27353
- externalhttps://access.redhat.com/security/updates/classification/#important
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2457829
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2460619
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2464449
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2467215
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2479492
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2481980
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2482581
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2482654
- selfhttps://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_27353.json